Hackers associated with Anonymous defaced about two dozen websites owned by Panda Security overnight, claiming the act was revenge for the arrests of LulzSec hackers. Panda's main site was not affected, but various subdomains were hacked to include a YouTube video of Anonymous and LulzSec exploits, and "what appeared to be the username and password details of over 100 Panda employees," the Sophos security blog notes.

The attack appears to be a response to a Panda Security blog post about the LulzSec arrests titled "Where is the lulz now?" The post was offline as of the time this story was written, but a cached copy is available. Messages posted by Anonymous on the hacked Panda pages also accuse the company of working with law enforcement to jail Anonymous members.

The Panda employee who wrote the "Where is the lulz now?" blog post, Luis Corrons, has been tweeting about the incident, saying "we have our team taking a look into the defacement right now. And investigations to catch criminals are always fun." Corrons denied Panda helped law enforcement jail LulzSec members, but said "I would have loved to be involved in that."

Panda said the attack was not a severe one, noting in a statement on Facebook that "The attack did not breach Panda Security's internal network and neither source code, update servers nor customer data was accessed. The only information accessed was related to marketing campaigns such as landing pages and some obsolete credentials, including supposed credentials for employees that have not been working at Panda for over five years." Hackers obtained access to a server "hosted outside the Panda Security internal network," which was used for marketing campaigns and company blogs.